CVE-2012-3419 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 79%

Vendor	Product	Version
sgi	performance_co-pilot	𝑥 ≤ 3.6.4
sgi	performance_co-pilot	2.1.1
sgi	performance_co-pilot	2.1.2
sgi	performance_co-pilot	2.1.3
sgi	performance_co-pilot	2.1.4
sgi	performance_co-pilot	2.1.5
sgi	performance_co-pilot	2.1.6
sgi	performance_co-pilot	2.1.7
sgi	performance_co-pilot	2.1.8
sgi	performance_co-pilot	2.1.9
sgi	performance_co-pilot	2.1.10
sgi	performance_co-pilot	2.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

pcp

bullseye	5.2.6-1 fixed
bookworm	6.0.3-1.1 fixed
sid	6.3.1-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

pcp

zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
saucy	ignored
raring	ignored
quantal	ignored
precise	ignored
oneiric	ignored
natty	ignored
lucid	ignored
hardy	dne

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html

http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=blob%3Bf=CHANGELOG%3Bh=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5%3Bhb=fe51067ae869a4d59f350ac319b09edcb77ac8e6

http://www.debian.org/security/2012/dsa-2533

http://www.openwall.com/lists/oss-security/2012/08/16/1

https://bugzilla.redhat.com/show_bug.cgi?id=841702

https://hermes.opensuse.org/messages/15471040

https://hermes.opensuse.org/messages/15540133

https://hermes.opensuse.org/messages/15540172

http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html

http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html

http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=blob%3Bf=CHANGELOG%3Bh=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5%3Bhb=fe51067ae869a4d59f350ac319b09edcb77ac8e6

http://www.debian.org/security/2012/dsa-2533

http://www.openwall.com/lists/oss-security/2012/08/16/1

https://bugzilla.redhat.com/show_bug.cgi?id=841702

https://hermes.opensuse.org/messages/15471040

https://hermes.opensuse.org/messages/15540133

https://hermes.opensuse.org/messages/15540172